EP2472819B1 - Systèmes et procédés pour fournier et utiliser un réseau de communication sécurisé - Google Patents
Systèmes et procédés pour fournier et utiliser un réseau de communication sécurisé Download PDFInfo
- Publication number
- EP2472819B1 EP2472819B1 EP11193877.5A EP11193877A EP2472819B1 EP 2472819 B1 EP2472819 B1 EP 2472819B1 EP 11193877 A EP11193877 A EP 11193877A EP 2472819 B1 EP2472819 B1 EP 2472819B1
- Authority
- EP
- European Patent Office
- Prior art keywords
- node
- anonymous
- control node
- data
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 title claims description 270
- 238000000034 method Methods 0.000 title claims description 42
- 230000004044 response Effects 0.000 claims description 116
- 230000005540 biological transmission Effects 0.000 claims description 26
- 238000012546 transfer Methods 0.000 description 10
- 230000008569 process Effects 0.000 description 9
- 238000013459 approach Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 241000234282 Allium Species 0.000 description 2
- 235000002732 Allium cepa var. cepa Nutrition 0.000 description 2
- 230000000052 comparative effect Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 239000003999 initiator Substances 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000035945 sensitivity Effects 0.000 description 2
- 101100264195 Caenorhabditis elegans app-1 gene Proteins 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0414—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/04—Billing or invoicing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
Definitions
- the present invention relates to a first control node, to a second control node, to a communication network, to a first communication method, to a second communication method, to a program element and to a computer-readable medium, wherein the first control node forms a first-level communication network with the second control node to transmit anonymous data received from a first intermediary node.
- the first control node, the second control node, the communication network, the first method, and the second method may for example be employed for secure data transmission, such as email transmission, or any other content-related data transmission.
- E-commerce and transactions of all kinds require communication that is secure and indisputable.
- confidentiality, identification of sender/recipient and message integrity of such communication must be ensured electronically, and relevant communication events must be registered in a non-repudiation protocol for reasons of traceability.
- Legal and business demands must be satisfied, and data privacy as defined by applicable law or by individual users or user groups must be maintained at the same time. Examples for such transactions can be the transmission of e-invoices, the management of purchasing transactions or the execution of digital postal services, such as trusted and binding e-mail. Challenges are manifold and may be met using embodiments of the invention, in particular by adopting a new flexible architectural approach with innovative technical processes according to embodiments of the invention.
- WO 2007073943 A1 discloses a communication system comprising a sender unit, a recipient unit and a control unit, wherein the sender unit is adapted to generate an electronic message, to send the electronic message directly to the recipient unit, and to send a sending information message to the control unit indicating that the sender unit has sent the electronic message to the recipient unit, wherein the recipient unit is adapted to receive the electronic message directly from the sender unit and to send a receipt information message to the control unit, the receipt information message indicating that a user of the recipient unit has received the electronic message.
- WO 2007073943 A1 furthermore discloses that a provider may communicate with the sender unit in a manner that the provider knows the identity of a user of the sender unit.
- a communication between the first control entity and the second control entity regarding the sender unit may be anonymous so that the identity of the sender unit will not be known to the second control entity.
- Document US 2009/0172171 A1 discloses a method and an apparatus for disguising digital content, wherein a plurality of proxy network nodes for forwarding a plurality of flows to the second communicating user terminal are provided.
- Document US 2006/0023727 A1 discloses a method and an apparatus for anonymous data transfers, wherein a network of interacting nodes is illustrated, wherein a requesting node sends a search message to one or more intermediary network nodes, which forward the search request to one or more additional nodes so that the search request finally reaches at a responding node which has the requested data.
- the document EP 1 752 918 A1 discloses a licence server for granting licences in response to a user request, wherein the licence server receives a content identifier from a user identifying a content having associated therewith a user key necessary for decrypting an encrypted version of the content.
- first node There may be a need for a first node, a second node, a communication network, a first communication method, and a second communication method which may be employed to in particular improve a method for secure data transfer or data transmission.
- a communication network comprising a first control node and a second control node, which enables administering transaction-related data and/or content-related data in an anonymous manner, in particular taking into account regulations in different jurisdictions, such as in different political countries.
- a first node, a second node, a communication network, a first communication method and a second communication method are provided according to the independent claims.
- a first control node such as a computer, a computer cluster or a distributed computer system
- the first control node comprises a first control node communication module (in particular comprising means for setting up a private and secure communication channel, such as a virtual private network (VPN) communication channel) for forming a first-level communication network (in particular a private network which is not accessible by other parties) with at least one second control node (wherein in particular the second control node may be configured in a similar or same way as the first control node, in particular also comprising a computer, a computer cluster or a distributed computer system); and a first intermediary node communication module (in particular comprising means for setting up a secure, safe and/or private communication channel) for forming a first second-level communication network (which is in particular different from the first-level communication network and which is in particular not accessible from the first-level communication network and which is not accessible by any other third parties) with a first intermediary node (the first intermediary node
- the first control node and the second control node form a first-level communication network which allows secure data exchange between the first control node and the second control node without the risk that the exchanged data are intercepted by a third party.
- the first control node may be placed in a first jurisdiction or political country and the second control node may be placed in a second jurisdiction or political country different from the first jurisdiction or first political country, respectively.
- placing the first control node and the second control node in different political countries or jurisdictions being spaced apart may allow the first control node to keep, maintain or store data within the domain control of the first political country or region, wherein the second control node may maintain, keep or store data within the domain control of the second political country or region.
- the first control node and/or the second control node may be enabled to register events (such in a event registry storage) performed by the first user node and/or a second user node, thereby allowing traceability, such as e.g. for billing or charging.
- the events may be related to transactions (in particular involving transfer or access to content data) performed by or between the first user node and/or by the second user node.
- the first control node and/or the second control node may be enabled or adapted to store or maintain transaction related data (such as a decryption key, access information, integrity related data and the like) related to the transactions.
- registering events may provide a basis for metering the usage of a particular application or content data by the first user node.
- Metering data may be maintained at the first control node and/or the second control node in an anonymous form, while the first intermediary node may be adapted to collect metering data from the first control node (or further control node) to assemble a transaction history of transaction records specific for the first user node.
- the first intermediary node communication module is adapted (i.e. is in particular configured, such as by hardware installed at and/or a program running on the first control node) to receive an anonymous request (or anonymized request, wherein the request may be represented by electric or electronic data sent by the first intermediary node, wherein the electronic signals may represent request data in particular defining a request type, and request parameters defining what kind of data are asked for, wherein the anonymous request may not allow to determine an identity of the first user node or an identity of a person employing the first user node to transmit the request from the first intermediary node (via the first second-level communication network which is commutatively separated from the first-level communication network), the anonymous request being based on (or being derivable from) a first user request (defining in particular a request for particular data, such as data for decrypting particular content-related data) transmitted from a first user node (in particular comprising a computer, a computer cluster or a distributed computer system or comprising in particular a desk top computer or
- the first user request transmitted from the first user node to the first intermediary node may comprise personal data identifying the first user node or a user employing the first user node.
- the first user request may not be anonymous.
- the first intermediary node may be adapted to derive the anonymous request from the first user request, in particular by abstracting identification related data from the user request or by decrypting the personal-related data of the first user request.
- the first control node does not obtain any identification data of the first user node, thereby maintaining in particular the privacy of data at the first intermediary node.
- the anonymous request may comprise information indicative of a location of the first user node and/or indicative of a internet domain the first user node is associated with.
- the first control node communication module is adapted (i.e. in particular configured by particular hardware means and/or software means) to transmit, via the first-level communication network, the anonymous request to the second control node (thus, also the second control node does not get access to the private data identifying the first user node); and to receive, via the first-level communication network, anonymous response data, responding to the anonymous request, from the second control node.
- transmission of anonymous data between the first control node and the second control node located in particular in different jurisdictions is enabled.
- the first intermediary node communication module is further adapted to transmit the anonymous response data, via the first second-level communication network, to the first intermediary node for transmission of response data which are based on the anonymous response data to the first user node.
- the response data which are based on the anonymous response data and which are transmitted from the first intermediary node to the first user node may not be anonymous and in particular not encrypted but may be personalized and in particular unencrypted in that they may comprise identification data for identifying a user.
- all communication between the intermediary node and a user node may be not encrypted.
- the anonymous response data do not enable to determine an identity of the first user node and do not enable to determine an identity of a user employing the first user node.
- neither the first control node nor the second control node obtains data which enable identification of the first user node. Further, neither the first control node nor the second control node maintains or stores data which enable identifying the first user node or a user employing the first user node. In particular, person-related data may only available at the first intermediary node but neither at the first control node nor at the second control node.
- the first intermediary node may be adapted to derive the response data based on the anonymous response data.
- the response data may contain person-related data which may enable identifying the first user node.
- the response data may comprise data indicative for decrypting content data which may have been received by the first user node via any transaction method, such as by internet communication, by file transfer protocol (ftp), email, or any other method for transporting data.
- the first control node further comprises a first storage for storing data (in particular storing anonymous data), wherein the first storage is searchable (i.e. may be searched), based on the anonymous request, for the anonymous response data.
- the anonymous request may define a query for querying a database comprised in the first control node, the database holding the data of the first storage.
- the anonymous request may comprise a hashcode of content data and/or a hashcode of data indicative of an identity of the first user node or indicative of an identity of a user employing the first user node.
- the first storage may contain the anonymous response data.
- searching for the anonymous response data using the anonymous request defining a query may retrieve the anonymous response data.
- the first control node itself may transmit the anonymous response data, via the first second-level communication network, to the first intermediary node, wherein it may not be required to forward the anonymous request to the second control node.
- forwarding the anonymous request from the first control node to the second control node may also be referred to as roaming the anonymous request to the second control node.
- the first control node is adapted to transmit, via the first-level communication network, the anonymous request to the second control node, if the anonymous response data are not contained in the first storage.
- querying the first storage for the anonymous response data is not successful indicating that the anonymous response data are not contained within the first storage.
- the first control node may forward or roam the anonymous request to one or more second control nodes, in particular in a parallel manner or in a serial manner (i.e. subsequently).
- roaming the anonymous request may be preceded by a decision or determining step to decide or to determine, whether the anonymous response data are contained in the first storage.
- the first control node is adapted to retrieve the anonymous response data from the first storage, if the anonymous response data are contained in the first storage, and to transmit, via the first second-level communication network, the anonymous response data to the first intermediary node.
- roaming the anonymous request may not be required, thus simplifying the transmission method and thus simplifying the first control node.
- the first control node communication module is adapted to receive, via the first-level communication network, a denial message from the second control node, the denial message indicating that access to the anonymous response data at the second control node is denied.
- the first control node communication module or the first control node in its entirety may be adapted to be prepared for receiving either the anonymous response data or the denial message requiring means for distinguishing between the anonymous response data and the denial message.
- the denial message also does not comprise any data which allow identification of the first user node or identification of a user employing the first user node.
- a denial message may be transmitted from the second control node to the first control node, if the anonymous response data are marked as confidential such that the anonymous response data must not be transmitted from the second control node to the first control node.
- the anonymous response data may be confidential.
- the second control node may send a message to the first control node indicating that the second control node does not contain the requested anonymous response data or may also in this case send a denial message to the first control node.
- the first intermediary node communication module is further adapted to transmit, via the first second-level communication network, data indicative of the denial message to the first intermediary node.
- the denial message or the data indicative of the denial message may be anonymous data not allowing to identify the first user node.
- the first intermediary node may determine the identity of the first user node.
- the data indicative of the denial message may comprise data related to an identification of the anonymous request sent from the first intermediary node to the first control node. Thereby, using the request identification data comprised in the data indicative of the denial message the first intermediary node may indirectly determine the identity of the first user node.
- the anonymous request represents encrypted data, in particular asymmetrically encrypted data
- the first control node comprises a decryption module for decrypting the encrypted data
- the first control node may receive the anonymous request as data encrypted with a public key of the first control node.
- the first control node may decrypt the anonymous request represented in encrypted data using the private key of the first control node.
- the data transmission may be performed in a highly secure and safe manner.
- the first-level communication network is a private network (not accessible by for example a public network, such as the internet), in particular a virtual private network (VPN), neither accessible by the first intermediary node nor accessible by the first user node.
- VPN virtual private network
- the first second-level communication network is a private network, in particular a virtual private network, neither accessible by the second control node nor accessible by the first user node.
- the first-level communication network and the first second-level communication network may be communicatively separated and/or independent communication networks.
- the first control node communication module is adapted to form a further first-level communication network with a further control node of the at least one second control node, the first-level communication network being communicatively separated from the further first-level communication network.
- the second control node may not be possible for the second control node to communicate with the further control node via the first control node.
- the further control node may not be possible for the further control node to communicate with the second control node via the first control node.
- the second control node and the further control node are required to establish a still further first-level communication network or the first control node must be particularly configured to allow such communication from the second control node to the further control node or vice versa.
- communication between the second control node and the further control node via the first control node may be disabled.
- the second control node (or a network of such second control nodes) may serve (or support) requests related to a particular type of transaction, such as e.g. related to a set of applications, while the further control node (or a network of such further control nodes) may serve (or support) requests related to another type of transaction, such as e.g. related to another set of applications.
- the first control node communication module is adapted to transmit, via the further first-level communication network, the anonymous request to the further control node of the at least one second control node.
- forwarding the anonymous request, in particular roaming the anonymous request, to more than one second control node is enabled in order to distribute the anonymous request to a large number of control nodes of the at least one second control node.
- a chance or a probability that one of the control nodes contains or stores the requested anonymous response data may be increased.
- the first control node is adapted to transmit, via the further first-level communication network, the anonymous request to the further control node in a parallel manner with the transmission, via the first-level communication network, of the anonymous request to the second control node.
- the transmission of the anonymous request to more than one second control node may be accelerated, thereby also accelerating reception of the anonymous response data.
- the first control node is further adapted to selectively, based on the anonymous request and/or based on a previous response received from the second control node and/or received from the further control node, transmit the anonymous request to one of the second control node and the further control node.
- the first control node may be adapted to select one of the at least one second control node, wherein a probability or a chance of finding the anonymous response data is increased for the selected one of the at least one second control node.
- the selection may be based on learning by evaluating response data received from the at least one second control node.
- the anonymous request may comprise a data pattern which may allow to derive a location of the first user node.
- the data pattern may allow to derive the jurisdiction or the political country the first user node is located in.
- the anonymous request may contain a data pattern from which a location, a jurisdiction or a political country in which the second user node is located may be derived.
- a particular data pattern comprised in the anonymous request may indicate that a particular control node of the at least one second control node may provide or may store the anonymous response data asked for.
- a correlation of the data pattern comprised in the anonymous request and a particular one of the at least one second control node may be learned by the first control node.
- forwarding the anonymous request from the first control node to a particular control node of the at least one second control node may be performed, wherein the correlation of the data pattern with the particular control node is highest.
- the first control node may be adapted to determine an order of control nodes of the at least one second control node to which the anonymous request may be transmitted subsequently, wherein the order may be defined such that the chance of receiving the anonymous response data from a second control node is higher for a particular control node than for another control node arranged in the ordered list behind the particular control node.
- the anonymous response data is indicative of content-related data which are related to content.
- the content may be provided by a second user node to the first user node by any transaction or transmission method, such as by file transfer protocol transmission, email transmission, wire-based transmission, wireless transmission, tcp/ip-transmission, http-transmission, transfer of a storage medium or the like.
- the anonymous response data may itself not contain any content that is usable by the first user node.
- the anonymous response data may be adapted to allow the first user node or allow a user employing the first user node to access or read or decrypt the content, wherein the content may be provided (in particular in encrypted form) by the second user node to the first user node.
- the content-related data comprises at least one of a key for decryption of encrypted content (provided by the second user node to the first user node), an identification for identifying the content, a code (such as a checksum or a hashcode) of the content.
- a checksum or a hashcode may also refer to a result of applying a cryptographic hash function on input data.
- the cryptographic hash function (such as SHA-256) may produce from input data a message digest which may have a fixed length, such as 256 bit.
- the hashcode may employ a secure hash algorithm which may be adapted to calculate an unambiguous check value for arbitrary electronic input data.
- the SHA-256 algorithm may be employed to derive a hashcode or a checksum.
- the content-related data received by the first user node may enable the first user node to access, read and/or decrypt the content (previously or simultaneously) received from the second user node.
- the content is one of audio content, textual content and video content.
- the content may be provided at the internet to the first user node or may be directly sent to the first user node.
- a second control node in particular in combination with the first control node of which embodiments are described above, comprises a second control node communication module for forming a first-level communication network with at least one first control node (or a plurality of first control nodes); and a second storage for storing control node data, wherein the second control node communication module is adapted to receive, via the first-level communication network, an anonymous request from the first control node (which may in particular have received the anonymous request from the first intermediary node), wherein the second storage is adapted to retrieve, based on the anonymous request, anonymous response data, responding to the anonymous request, from the second storage, wherein the second control node communication module is adapted to transmit, via the first-level communication network, the anonymous response data to the first control node.
- the first control node may then transmit the anonymous response data to the first intermediary node, as described above with respect to embodiments of the first control node.
- the second control node may be communicatively coupled to a second intermediary node which may be communicatively coupled to a second user node.
- the second user node may have previously transmitted data via the second intermediary node to the second control node which data may finally be indicative of the anonymous response data.
- the second control node is further adapted to transmit, via the first-level communication network, a denial message to the first control node, the denial message indicating that access to the anonymous response data at the second control node is denied, wherein the denial message is transmitted, if an access condition is not satisfied.
- the second control node may contain the anonymous response data in the second storage but may not allow transmission of the anonymous response data to the first control node, since the anonymous response data may be confidential to the second control node.
- the access condition may be defined or implied by the second control node, by the second intermediary node, by the second user node and/or by another party. Thereby, data security may be further improved.
- the access condition comprises an access criterion controlled by the second control node.
- the access criterion may be controlled by an operator or by a provider of the second control node.
- the second control node further comprises a second intermediary node communication module for forming a second second-level communication network with a second intermediary node, wherein the second intermediary node communication module is adapted to receive anonymous transaction-related data from the second intermediary node, wherein the second storage is adapted to store the anonymous transaction-related data and wherein the anonymous transaction-related data are indicative of the anonymous response data.
- the anonymous transaction-related data may be indicative of a transaction of data from the second user node to the first user node or may be indicative that at least the second user node has provided access (potentially in encrypted form) of the content to the first user node.
- providing the content by the second user node to the first user node may not necessarily mean that the first user node has gained access or has read the content.
- the first user node may not be enabled to access or read the content, before the first user node receives the response data after requesting the response data from the first intermediary node. Only the received response data may enable the first user node to read the content, in particular by decrypting encrypted content.
- the anonymous transaction-related data are further indicative of an access criterion controlled by the second intermediary node, wherein the access condition comprises the access criterion controlled by the second intermediary node.
- the access condition may be flexibly defined, thus improving the data security.
- the anonymous transaction-related data are further indicative of an access criterion controlled by a second user node, wherein the access condition comprises the access criterion controlled by the second user node, wherein the anonymous transaction-related data received from the second intermediary node are based on transaction-related data transmitted from the second user node to the second intermediary node.
- the second user node may be communicatively coupled to the second intermediary node to transmit the transaction-based data to the second intermediary node.
- the transaction-related data may enable to identify a transaction (of data or a process of providing the data).
- the transaction-related data may comprise an identification code, a checksum or a hashcode of the content, and/or a hashcode or a checksum of an identification of the first user node, wherein the first user node may also be considered as a recipient of the content provided by the second user node, which may also be considered as a sender of the content.
- a communication network comprising a first control node, in particular a first control node according to one of the embodiments as described above; and at least one second control node, in particular a control node according to one of the above-described embodiments, wherein the first control node and the second control node form a first-level communication network which communicatively couples the first control node to the second control node, in particular in a private manner restricting access to third parties.
- the first control node may be configured as described above in the context of embodiments of the first control node and the second control node may be adapted as described with reference to embodiments of the second control node.
- the first control node comprises a first intermediary node communication module for forming a first second-level communication network between the first control node and a first intermediary node, wherein the first intermediary node communication module is adapted to receive an anonymous request from the first intermediary node, the anonymous request being based on a first user request transmitted from a first user node to the first intermediary node.
- the first control node is adapted to transmit the anonymous request to the second control node, wherein the second control node is adapted to receive the anonymous request from the first control node, to determine anonymous response data responding to the anonymous request, and to transmit the anonymous response data to the first control node.
- the first control node is adapted to receive the anonymous response data from the second control node, wherein the first intermediary node communication module is further adapted to transmit the anonymous response data to the first intermediary node for transmission of response data which are based on the anonymous response data, to the first user node.
- the communication network further comprises the first intermediary node, wherein the first second-level communication network is a private network communicatively separated from the first-level communication network.
- access of the first intermediary node to the second control node may be restricted by providing the communicatively separated communication networks.
- the communication network further comprises a second intermediary node
- the second control node further comprises a second intermediary node communication module for forming a second second-level communication network between the second control node and the second intermediary node
- the second intermediary node communication module is adapted to receive anonymous transaction-related data from the second intermediary node
- the second control node comprises a storage to store the anonymous transaction-related data and wherein the anonymous transaction-related data are indicative of the anonymous response data.
- the anonymous response data may be derivable based on the anonymous transaction-related data.
- the communication network further comprises the first user node communicatively coupled to the first intermediary node via a public communication network (such as the internet); and a second user node communicatively coupled to the second intermediary node via the public communication network, wherein the second user node is adapted to transmit transaction-related data to the second intermediary node, wherein based on the transmitted transaction-related data the second intermediary node derives the anonymous transaction-related data to be transmitted to the second control node.
- the transaction-related data may identify a transaction and/or a transmission of data from the second user node to the first user node.
- the transaction-related data may be anonymized (made anonymous) by the second intermediary node in order to derive the anonymous transaction-related data to be transmitted to the second control node.
- the second user node is adapted to provide access, upon a transaction, of encrypted content data to the first user node, wherein upon providing the encrypted content data to the first user node, the second user node transmits the transaction-related data, being related to the transaction of the encrypted content data, to the second intermediary node.
- the content data may also be referred to as content within the present application.
- the transaction-related data may comprise an encryption key or a decryption key, wherein this key enables the first user node to decrypt the encrypted content data.
- the decryption key or encryption key may be transmitted from the second user node to the second intermediary node in an encrypted manner.
- the key may be transmitted from the second user node via the second intermediary node to the second control node and from there, upon request, via the first control node and via the first intermediary node to the first user node.
- the second user node is adapted to generate the encrypted content data for transmission to the first user node.
- the encrypted content data may be transmitted using any transfer protocol or technology, such as using email, using ftp, using mms, using sms, using icq or the like.
- the first user node may receive an email containing encrypted content data.
- the transaction-related data are indicative of a decryption key for decrypting the encrypted content data.
- the first user node may only be enabled to read the content data after having received the transaction-related data (in the form as the response data) which may contain the decryption key for decrypting the encryption content data, such as the email data.
- the transaction-related data are further indicative of a hashcode of the content data.
- Including the hashcode of the content data may be necessary for identifying the decryption key based on the anonymous request which request is later on transmitted from the first user node via the first intermediary node as the anonymous request to the first control node.
- comparing hashcodes of content data may also allow to prove the integrity of the content data, such as to ensure that the content data reached the first user node unaltered compared to the content data provided by the second user node.
- the transaction-related data are further indicative of a hashcode of an identification information identifying the first user node.
- querying for the anonymous response data may be enabled.
- comparing hashcodes of user node identification may also serve for authentication purposes.
- the first user request transmitted from the first user node to the first intermediary node is indicative of the hashcode of the content data.
- the transaction-related data transmitted from the second user node via the second intermediary node to the second control node and also the first user request transmitted from the first user node via the first intermediary node to the first control node may both be indicative of the hashcode of the content data.
- querying the storage of the first control node and/or the storage of the second control node may be enabled or facilitated.
- the first user request transmitted from the first user node to the first intermediary node is indicative of the identification information identifying the first user node.
- querying for the response data may be further simplified.
- the first control node, the second control node and the second intermediary node are adapted, upon receiving the anonymous request data and/or upon transmitting the anonymous response data to the first intermediary node, to transmit an access notification from the first control node via the second control node and via the second intermediary node to the second user node, wherein the access notification indicates that the first user has accessed (or read or decrypted) the content data.
- the access notification may be considered as a confirmation that the content data or the content has been successfully transmitted to the first user node and that the first user node has successfully decrypted the encrypted content data.
- the first user node is adapted to provide access to the content data (for example to provide access to the content data for a user employing the first user node) by decrypting the encrypted content data by means of the decryption key derived from the response data.
- the encrypted content data may be worthless for the first user node.
- transmitting the anonymous response data may trigger charging the first control node for a particular payment corresponding to the content data.
- an invoice may be generated and may be transmitted to the first user node.
- At least one of the first control node, the second control node, the first intermediary node, the second intermediary node, the first user node and the second user node comprises at least one of the group consisting of a server computer, a client computer, a desktop computer, a laptop computer, a personal digital assistant, a server computer, and a mobile phone.
- the first-level communication network is formed such that the first control node is located at a first control node location and the second control node is located at a second control node location, wherein the first control node location is spaced apart from the second control node location by a distance between 2 km and 20000 km, in particular 10 km and 20000 km, further in particular between 300 km and 20000 km.
- the first control node and the second control node are distributed at different locations on the surface of the earth.
- the first control node and the second control node may be located in different continents or in different political countries.
- the first control node location is within a first jurisdiction region and the second control node location is within a second jurisdiction region different from the first jurisdiction region.
- the first and the second jurisdiction regions may adopt different security and/or tax regulations which may be satisfied by the first control node and the second control node by appropriately configuring the first control node and the second control node according to different regulations, respectively.
- a first communication method comprises providing a first control node comprising a first control node communication module for forming a first-level communication network with at least one second control node, and a first intermediary node communication module for forming a first second-level communication network with a first intermediary node; transmitting a first user request from a first user node to the first intermediary node; receiving, by the first intermediary node communication module, an anonymous request from the first intermediary node, the anonymous request being based on the first user request; transmitting, by the first intermediary node communication module via the first-level communication network, the anonymous request to the second control node; receiving by the first control node, via the first-level communication network, anonymous response data, responding to the anonymous request, from the second control node; and transmitting, by the first intermediary node communication module, the anonymous response data, via the first second-level communication network, to the first intermediary node for transmission of response data which are based on the anonymous response data to the first user node
- a second communication method comprises providing a second control node comprising a second control node communication module for forming a first-level communication network with at least one first control node, and a second storage for storing control node data; receiving, by the second control node communication module via the first-level communication network, an anonymous request from the first control node; retrieving, by the second storage, based on the anonymous request, anonymous response data, responding to the anonymous request, from the second storage; and transmitting, by the second control node communication module via the first-level communication network, the anonymous response data to the first control node.
- a communication method comprises the method steps of the first communication method as described above and the method steps of the second communication method as described above.
- a program element and a computer-readable medium are provided, wherein when the program element is executed by a processor, the program element is adapted to control or carry out the first communication method, the second communication method and/or the communication method as described above.
- Fig. 1 schematically illustrates a communication network 100 according to an embodiment of the present invention.
- the communication network 100 comprises a first control node 101, a second control node 103, a first intermediary node 105, a second intermediary node 107, a first user node 109 and a second user node 111.
- the first control node 101 and the second control node 103 form a private network 113, wherein for allowing data communication within the private network 113 (which is also referred to as first-level communication network), the first control node 101 comprises a first control node communication module 115 and the second control node 103 comprises a second control node communication module 117.
- the first control node communication module 115 and the second control node communication module 117 establish a data exchange channel 119 for exchanging data between the first control node 101 and the second control node 103.
- the first-level communication network 113 may in particular be a virtual private network.
- the first control node 101 and the first intermediary node 105 form a first second-level communication network 121 for which the first control node 101 comprises a first intermediary node communication module 123.
- the first second-level communication network 121 may for example be a virtual private network (VPN) which allows data communication between the first control node 101 and the first intermediary node 105 via the communication channel 125.
- VPN virtual private network
- the first intermediary node 105 and the first user node 109 are communicatively coupled by a public network, such as the internet. Thereby, data exchange between the first intermediary node 105 and the first user node 109 is enabled via the communication channel 127.
- the second control node 103 and the second intermediary node 107 form a second second-level communication network 129, wherein data between the second control node 103 and the second intermediary node 107 may be exchanged via the communication channel 131.
- the second second-level communication network 129 may also be a virtual private network.
- the networks 113, 121 and 129 are communicatively separated from each other such that for example the first intermediary node 105 is not enabled to communicate via the first control node 101, and via the second control node 103 directly with the second intermediary node 107.
- the first intermediary node 105 is only enabled to directly communicate with the first control node 101.
- no other third party is enabled to access any of the private communication networks 113, 121 and 129. Thereby, data security may be ensured within each of the communication networks 113, 121 and 129.
- the second intermediary node 107 is communicatively coupled to the second user node 111 via a public communication network, such as the internet for exchanging data via a communication channel 133.
- the second user node 111 may provide content or content data 135 (in particular in an encrypted form) to the first user node 109.
- the provision of the content data or of the content 135 may be performed by any transmission method such as by transmitting an email, by transmitting data using a file transfer protocol (ftp), transmission of data using tcp/ip or http or by just providing some data on a portal or website in the internet.
- ftp file transfer protocol
- tcp/ip Transmission of data using tcp/ip or http
- the second user node 111 may transmit transaction-related data 136 via the communication channel 133 to the second intermediary node 107.
- the second intermediary node 107 receives the transaction-related data and derives therefrom anonymized or anonymous transaction-related data 137, wherein the anonymous transaction-related data do not allow to determine an identity of the second user node 111.
- the anonymous transaction-related data 137 are transmitted from the second intermediary node 107 via the private communication channel 131 to the second control node 103, in particular to the second intermediary node communication module 124. Therein, the anonymous transaction-related data are labelled by reference sign 137.
- the second intermediary node communication module 124 receives the anonymous transaction-related data 137 and stores the anonymous transaction-related data 137 in the storage 139 of the second control node 103.
- the transaction-related 137 data may comprise a decryption key for decrypting the content data 135 which have been sent in an encrypted form to the first user node 109.
- the transaction-related data 137 may comprise in particular a hashcode of the content data 135, a transaction identification number and/or a hashcode of an identification of the first user node 109. These data portions may be required for subsequent querying the storage 139 for response data which relate to the transaction-related data, in particular relate to the anonymous transaction-related data.
- the second control node 103 is not enabled to determine an identity of the second user node 111.
- the first user node 109 transmits a request 141 to the first intermediary node 105.
- the request 141 may in particular comprise a hashcode of the received content data (which are in an encrypted form), a hashcode of an identity of the first user node 109 and further data.
- the request 141 may be as well in an encrypted form and also the transaction-related data 136 may be in an encrypted form.
- the first intermediary node 105 receives the request 141 and forms based on the request an anonymous request 143 which does not allow to determine the identity of the first user node 109.
- the anonymous request 143 is transmitted to the first control node 101, wherein the first intermediary node communication module 123 receives the anonymous request 143.
- the first control node 101 searches its first storage 140 for the requested anonymous response data.
- the first control node 101 forwards (or roams) the anonymous request 143 to the second control node 103 via the communication channel 119 within the first-level communication network 113.
- the anonymous request 143 is received by the second control node communication module 117 of the second control node 103 and the second storage 139 is searched for the requested anonymous response data. If the anonymous response data 145 are found within the second storage 139 the anonymous response data 145 are retrieved from the second storage 139 and are transmitted to the first control node 101 via the communication channel 119, if an access condition is satisfied.
- the access condition may be set by the first control node 101, by the second control node 103, by the first intermediary node 105, by the second intermediary node 107, by the particular application, and/or by the particular transaction or event that relates to the request, in order to protect data which originate from the second user node 111.
- the second control node 103 In case the access condition is not satisfied, the second control node 103 generates a denial message (or a message indicating that the second control node does not contain the requested anonymous response data, if the second control node does not contain the requested anonymous response data) and transmits this denial message to the first control node 101 which transfers the denial message via the first intermediary node 105 to the first user node 109.
- the denial message may indicate that access to the requested response data is denied, i.e. is not allowed.
- This denial may be specific for the requesting first control node 101 and/or specific for the first intermediary node 105 according to an exemplary embodiment.
- the anonymous response data 145 are transmitted from the second control node communication module 117 to the first control node communication module 115 comprised in the first control node 101. From there the anonymous response data 145 are transmitted within the first second-level communication network 121 via the communication channel 125 to the first intermediary node 105.
- the first intermediary node 105 derives response data 147 which allow identifying the first user node 109.
- the response data 147 comprise the transaction-related data or data derived therefrom, which finally allow the first user node 109 to decrypt the content data 135 which were received in an encrypted form.
- the first user node 109 or the first intermediary node 105 may generate and transmit a notification message via the first control node 101, the second control node 103, the second intermediary node 107 to the second user node 111 to inform the second user node 111 that the content 135 has been accessed by the first user node 109.
- a control node may also be referred to as a clearing node or clearing instance
- an intermediary node may also be referred to as a provider node or just a provider.
- the first control node 101 may be situated in Switzerland, while the second control node 103 may be situated in Luxembourg.
- the first control node 101 and the second control node 103 may be located in different political countries or in different jurisdictions.
- the first control node communication module 115 of the first control node 101 is adapted to form another first-level communication network 114 with a further control node 104 (which may comprise a storage 142 and may be similarly configured as the second control node 103), the first-level communication network 113 being communicatively separated from the other first-level communication network 114.
- the first control node communication module 115 is adapted to transmit, via the other first-level communication network 114, the anonymous request 143 to the further control node 104.
- the further control node 104 may support another set of applications than the second control node 103.
- the first control node 101 is adapted to transmit, via the other first-level communication network 114, the anonymous request 143 to the further control node 104 in a parallel manner with the transmission, via the first-level communication network 113, of the anonymous request to the second control node 103.
- Fig. 2 schematically illustrates a communication network according to findings by the inventors.
- a single control node or clearing node 201 is communicatively coupled to several providers 205 and 207 to which a plurality of user nodes 209 and 211 are connected, respectively.
- Today's multi-provider communication systems may have limitations. Referring to Fig. 2 many of today's communication systems may be multi-provider systems. Multiple providers (P1, .., Pn) offer the same communication services (A, ... N) or a subset of such services, e.g. A only. Users (Uxy) may register with one of the providers and then use such service via the chosen provider (Px). Users may be humans but could also be computer programs.
- a synchronization node C1 (control node or clearing facility) 201 enables communication across providers 205, 207, i.e. independent of the provider that a user may choose, users can communicate with each other, i.e. collaborate and use the same application (application A, ..., N) and/or service.
- a trusted provider For security-sensitive applications, users will select a trusted provider, as using such application (or app) X may require sharing information with selected provider, whereas other providers 205, 207 and control node C1 (201) shall only have restricted access or no access at all to information of user Uxy.
- the illustration in Fig. 2 shows the concept of such multi-provider systems. An example is regify with application (or app) A "trusted and binding e-mail", and applications (or apps) B,... N could be other digital postal services.
- Area 208 denotes a TRUST relationship region (not geographical region) between provider Pn (207) and its users (211)
- Sensitivity of a particular application may contradict central clearing according to findings of the inventors.
- Fig. 3 shows disconnected user groups in case of decentralized clearing with a purely central clearing approach according to findings by the inventors.
- a first clearing node 301 and two second clearing nodes 303 are provided, wherein each clearing node 301, 303 is connected to one or more provider nodes 305 and 307, respectively.
- provider nodes 305 and 307 are Associated with the providers 305, 307 are a number of applications 351.
- one group of users (309) may accept that app SCx is centrally enabled by Cx, while another group (311) may not accept this.
- C1 was located in the European Union
- EU users may accept this, while non-EU users may not consider this acceptable.
- the clearing facility stores keys or other transactional information (example: SWIFT)
- SWIFT transactional information
- jurisdiction and therefore access may become critical.
- C1 was relocated to another country or governance changed otherwise, another set of users may disagree. Consequently, for reasons of global acceptance, the clearing facility may have to be decentralized in order to serve the specific user requirements as otherwise, the restrictions of a purely central approach to clearing would lead to dedicated (fairly inefficient) setups of the complete clearing infrastructure as illustrated below. Besides adding cost, such setup would also limit reach as for example, user U41 is not connected to user U11 and could not communicate with him. Therefore, user U41 would have to register twice in such case.
- Fig. 4 schematically illustrates a federated clearing system according to findings by the inventors, which may be regarded as an extension of the system illustrated in Fig. 3 .
- the Fig. 4 illustrates the new flexibility for users brought about by a federated clearing system for app SCx:
- an appropriate provider setup e.g. Py
- Pn a provider that leverages the clearing infrastructure to its fullest, may simply leave the decision where to clear to the clearing organizations (e.g. based on traffic).
- choosing the sequence (C2, Cm, C1) will give such provider additional steering means.
- dedicated services may be offered (Py, Cm) that can be restricted and controlled down to clearing/provider level - and still connection to the global communication network may be maintained.
- Pr clearing operator chosen by this country
- Py provider chosen
- the federated clearing system as illustrated in Fig. 4 also reduces the risks associated with the danger of a single point of failure.
- Multi-application capabilities may require federated clearing.
- FIG. 5 illustrates this challenge for provider P2 with three distinct apps A, B and C, that shall be cleared by clearing facilities C1/C2, C2 and Cn/Cm respectively. It becomes obvious that, compared to the system according to an embodiment of the present invention illustrated in Fig. 1 , such setup would require significant overhead with still limited redundancy and little flexibility.
- Fig. 5 schematically illustrates a communication network 500 according to findings by the inventors, wherein a number of different applications 551, 553 and 555 are provided by the provider nodes 505 and 507.
- federated clearing applied to above scenario illustrated in Fig. 5 facilitates P2's job within one single multi-cleared multi-provider system.
- Benefits may be: improved redundancy, clearing setup on application level, users are part of the whole network, clearing rules on app level allow a user and/or a provider to determine the clearing setup for each app.
- Local regulations can be effected down to the level of the individual app.
- Fig. 6 schematically illustrates a communication network or federated clearing system 600 according to findings by the inventors involving many-to-many relationships between intermediary nodes 605 and control nodes 601, 603.
- the provider node 605 provides a number of applications A, B, C, ... (labelled by reference sign 651) each user node 609 may select or choose from the available applications 651 to derive a subset 653 of the available applications 651. Further, each user 609 may choose clearing options specific for the selected application.
- app A may be cleared at Cm only (e.g. government mandate), app B at C0 or C1 (e.g.EU or CH), and app C at any clearing facility (e.g., at the most efficient at a given point in time).
- Cm e.g. government mandate
- app B at C0 or C1 (e.g.EU or CH)
- app C at any clearing facility (e.g., at the most efficient at a given point in time).
- User U2n chooses the subset of apps from his provider's offering that user wants to use; only one account required for multi-app use.
- the user may also choose clearing options at app level, e.g. cleared in EU or CH or USA.
- Such multi-application, multi-provider and multi-clearing environment illustrated in Fig. 6 may provide the highest flexibility possible and, while giving the user freedom to choice, it also satisfies requirements of providers with regards to local compliance, tax and regulations issues.
- Fig. 7 illustrates a user's multi-app selection (i...n) with only one account with one provider. Below some examples of applications 1, 2, 3, 4 as illustrated in Fig. 7 are listed:
- Fig. 7 schematically illustrates a communication network 700 according to findings by the inventors.
- the control nodes 701, 703 may allow clearing or administering a plurality of applications 1, 2, 3, 4, ... n which are provided to a user node.
- Fig. 8 schematically illustrates a trusted environment according to findings by the inventors.
- Fig. 8 illustrates an example of a dedicated service (eGovernment, e.g.), wherein a TRUSTED and SELF-SUSTAINING environment for dedicated eGov service and provider is established.
- Autarkic governance is provided, as both providers and clearing can be freely chosen by authorities. Still, users continue to be connected to the whole communication system, e.g. for other services with the same user account.
- Fig. 9 schematically illustrates a communication network according to findings by the inventors, wherein plural control nodes 901, 903 are connected to plural provider nodes 905, 907.
- a roaming Architecture for federated clearing and metering is provided as illustrated in Fig. 9 .
- Fig. 9 illustrates a multi-application communication system with federated but hard-wired clearing and metering.
- Fig. 10 schematically illustrates a communication network 1000 according to another embodiment of the invention.
- the communication network 1000 may also be considered as a roaming architecture for a multi-application communication system with federated clearing and metering, wherein the communication network 1000 comprises control nodes or clearing nodes 1001, 1003, wherein particular pairs of the control nodes 1001, 1003 form first-level communication networks providing communication channels 1019 between two control nodes 1001, 1003, respectively.
- each communication channel 1019 may represent a separate virtual private network.
- one or more user nodes may be communicatively coupled to the intermediary nodes 105 which are not illustrated for simplicity.
- User requests directed to the intermediary node 105 may be forwarded in an anonymized form to the control node 1001 which may forward or roam the anonymous request to another of the control nodes 1001, 1003 using the communication channel 1019.
- the different control nodes 1001, 1003 may be located in different jurisdictions.
- FIG. 10 illustrates a roaming architecture for multi-application communication system 1000 with federated clearing and metering. Thereby providers only need to be connected to one clearing service and the clearing services are connected as appropriate.
- Roaming may be defined as or comprise the searching, authentication and exchange process regarding clearing and/or metering information between clearing facilities. Roaming is effected whenever one clearing facility needs clearing information in order to process a transaction and this clearing information is stored/managed elsewhere, i.e. in another clearing facility.
- the roaming process may rather be an "asynchronous call upon request" (near-real-time request) than a parallel request that would require high-speed connections and high-end technical infrastructure.
- Such call upon request would be more robust as well as it would work in heterogeneous environments, i.e. in a clearing federation with global clearing facilities under different governance rules.
- C1 will initiate a roaming call to C2 and Cz, such calls could be parallel or serial ones, e.g. call to Cz would only be initiated if call to C2 was unsuccessful.
- roaming capabilities may provide to enable various governance regimes.
- roaming in particular an access condition for roaming requests and/or forwarding response data
- roaming may be set up on different levels as listed under points 1. to 3. below:
- Fig. 11 schematically illustrates another communication network 1100 according to an embodiment.
- the communication network 1100 illustrated in Fig. 11 differs from the aforementioned embodiments of a communication network in that it allows metering (i.e. measuring of data access, in particular for invoicing) of applications used by the user node or measuring or metering content requested and accessed by the user node.
- metering i.e. measuring of data access, in particular for invoicing
- federated anonymous metering is illustrated as a multi-application communication system with federated clearing and metering.
- Federated clearing opens up opportunities for specialization of clearing services. This may also include metering. As clearing services may flexibly support all apps, a subset of apps, or only a dedicated one (e.g. eGov), metering can be decentralized as well as metering can be part of the clearing service. Typically, metering (and billing as the direct follow-on process) may consume significant resources and costs, in particular, if diverse metering concepts need to be supported in one central clearing instance. Hardware and software requirements must be derived from the metering concept. Metering of dedicated clearing instances reflects the specialization of respective clearing service and leads to efficient, distributed metering services.
- eGov dedicated one
- Billing user U21 by provider Py may trigger a roaming dialogue in order to collect metering data from clearing facilities that may have served U21's requests within the billing period. Py may collect this usage data from the distributed meters individually per user, or for its complete user base.
- Advantages of this kind of federated, anonymous metering are manifold:
- Fig. 12 schematically illustrates another communication network 1200 according to an embodiment of the present invention.
- a subscription on demand of a newspaper may be charged based on actual access to the particular newspaper content being accessed.
- Fig. 12 illustrates an example for federated anonymous metering for subscriptions of content data.
- a user for app "biz subscription” may receive a regify message in his inbox that contains digital contents as agreed between P7 and user in a subscription on demand service: a selection of articles from TIME Magazine, BUSINESS WEEK and CAPITAL. Articles may be available to the user as abstracts, and only upon confirming by clicking "if you want to read this article in full, you will be charged X Scents", the user will have access to the article(s) (that may be part of the regify message or shipped independently).
- the "biz subscription" service will register the purchasing requests, pass them on to the user's provider P7, that will anonymize the requests, pass them on to the clearing facility C5 (selection of clearing facility at the discretion of P7) that will effect roaming with clearing facilities of TIME, BUSINESS WEEK and/or CAPITAL respectively. These facilities will register the purchasing events, pass purchasing keys on and through the chain of clearing and providers, keys will make available requested digital contents to the user. The user expects and will receive one billing statement only from his trusted provider P7 of "biz subscription" app.
- User may share his preferences with P7; profile may only be passed on by P7 anonymously and upon prior consent. Subscription services according to a user's profile across different content providers are superior for the user. Also, the user receives one billing statement only.
- Provider P7 may act as the trusted intermediary and "Biz subscription Intermediary" vis-à-vis content owners.
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Development Economics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Finance (AREA)
- Accounting & Taxation (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- Economics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
- Information Transfer Between Computers (AREA)
Claims (12)
- Premier noeud de commande (101), comprenant :un module de communication de premier noeud de commande (115) pour former un réseau de communication de premier niveau (113) avec au moins un deuxième noeud de commande (103) ; etun module de communication de premier noeud intermédiaire (123) pour former un premier réseau de communication de deuxième niveau (121) avec un premier noeud intermédiaire (105) ;dans lequel le module de communication de premier noeud intermédiaire (123) est adapté pour recevoir une demande anonyme (143) en provenance du premier noeud intermédiaire (105), la demande anonyme (143) étant basée sur une première demande d'utilisateur (141) comprenant des données personnelles ettransmise d'un premier noeud d'utilisateur (109) au premier noeud intermédiaire (105) ;dans lequel le module de communication de premier noeud de commande (115) est adapté
pour transmettre, par l'intermédiaire du réseau de communication de premier niveau (113), la demande anonyme (143) au deuxième noeud de commande (103) ; et
pour recevoir, par l'intermédiaire du réseau de communication de premier niveau (113), des données de réponse anonyme (145), en réponse à la demande anonyme (143) en provenance du deuxième noeud de commande (103) ;dans lequel le module de communication de premier noeud intermédiaire (123) est en outre adapté
pour transmettre les données de réponse anonyme (145), par l'intermédiaire du premier réseau de communication de deuxième niveau (121), au premier noeud intermédiaire (105) pour une transmission de données de réponse (147) qui sont basées sur les données de réponse anonyme (145) au premier noeud d'utilisateur (109),dans lequel le premier noeud de commande (101) comprend en outre :une première mémoire (140) pour mémoriser des données,dans lequel la première mémoire (140) permet d'y rechercher, sur la base de la demande anonyme (143), les données de réponse anonyme (145),dans lequel les données de réponse anonyme (145) sont indicatives de données relatives à un contenu, les données relatives à un contenu comprenant une clé pour un déchiffrement d'un contenu chiffré fourni par un deuxième noeud d'utilisateur (111) au premier noeud d'utilisateur (109). - Premier noeud de commande (101) selon la revendication 1, qui est adapté pour transmettre, par l'intermédiaire du réseau de communication de premier niveau (113), la demande anonyme (143) au deuxième noeud de commande (103), si les données de réponse anonyme (145) ne sont pas contenues dans la première mémoire (140).
- Deuxième noeud de commande (103), comprenant :un module de communication de deuxième noeud de commande (117) pour former un réseau de communication de premier niveau (113) avec au moins un premier noeud de commande (101) ; etune deuxième mémoire (139) pour mémoriser des données de noeud de commande,dans lequel le module de communication de deuxième noeud de commande (117) est adapté pour recevoir, par l'intermédiaire du réseau de communication de premier niveau (113), une demande anonyme (143) en provenance du premier noeud de commande (101), la demande anonyme (143) étant basée sur une première demande d'utilisateur (141) comprenant des données personnelles,dans lequel la deuxième mémoire (139) est adaptée pour récupérer des données de réponse anonyme (145) sur la base de la demande anonyme (143), en réponse à la demande anonyme (143), à partir de la deuxième mémoire (139),dans lequel le module de communication de deuxième noeud de commande (117) est adapté
pour transmettre, par l'intermédiaire du réseau de communication de premier niveau (113), les données de réponse anonyme (145) au premier noeud de commande (101),dans lequel les données de réponse anonyme (145) sont indicatives de données relatives à un contenu, les données relatives à un contenu comprenant une clé pour un déchiffrement d'un contenu chiffré fourni par un deuxième noeud d'utilisateur (111) au premier noeud d'utilisateur (109),le deuxième noeud de commande (103) comprenant en outre :un module de communication de deuxième noeud intermédiaire (124) pour former un deuxième réseau de communication de deuxième niveau (129) avec un deuxième noeud intermédiaire (107) ;dans lequel le module de communication de deuxième noeud intermédiaire (124) est adapté pour recevoir des données relatives à une transaction anonyme (137) en provenance du deuxième noeud intermédiaire (107) ;dans lequel la deuxième mémoire (139) est adaptée pour mémoriser les données relatives à une transaction anonyme (137) ;dans lequel les données relatives à une transaction anonyme sont indicatives des données de réponse anonyme (145). - Réseau de communication, comprenant :un premier noeud de commande (101) selon la revendication 1 ou 2 ; etau moins un deuxième noeud de commande (103) selon la revendication 3, dans lequel le premier noeud de commande (101) et le deuxième noeud de commande (103) forment le réseau de communication de premier niveau (113) qui couple, sur le plan de la communication, le premier noeud de commande (101) au deuxième noeud de commande (103).
- Réseau de communication selon la revendication 4, comprenant en outre :le premier noeud intermédiaire (105), dans lequel le premier réseau de communication de deuxième niveau (121) est un réseau privé séparé, sur le plan de la communication, du réseau de communication de premier niveau (113).
- Réseau de communication selon la revendication 4 ou 5, comprenant en outre :un deuxième noeud intermédiaire (107),dans lequel le deuxième noeud de commande (103) comprend en outre un module de communication de deuxième noeud intermédiaire (124) pour former un deuxième réseau de communication de deuxième niveau (129) entre le deuxième noeud de commande (103) et le deuxième noeud intermédiaire (107),dans lequel le module de communication de deuxième noeud intermédiaire (124) est adapté pour recevoir des données relatives à une transaction anonyme (137) en provenance du deuxième noeud intermédiaire (107),dans lequel le deuxième noeud de commande (103) comprend une mémoire (139) pour mémoriser les données relatives à une transaction anonyme (137) ;dans lequel les données relatives à une transaction anonyme (137) sont indicatives des données de réponse anonyme (145).
- Réseau de communication selon l'une des revendications 4 à 6, comprenant en outre :le premier noeud d'utilisateur (109) couplé, sur le plan de la communication, au premier noeud intermédiaire (105) par l'intermédiaire d'un réseau de communication public ;le deuxième noeud d'utilisateur (111) couplé, sur le plan de la communication, au deuxième noeud intermédiaire (107) par l'intermédiaire du réseau de communication public,dans lequel le deuxième noeud d'utilisateur (111) est adapté pour transmettre des données relatives à une transaction (136) au deuxième noeud intermédiaire (107), dans lequel, sur la base des données relatives à une transaction (136) transmises, le deuxième noeud intermédiaire obtient les données relatives à une transaction anonyme (137) à transmettre au deuxième noeud de commande (103).
- Réseau de communication selon la revendication 7, dans lequel le deuxième noeud d'utilisateur (111) est adapté pour fournir un accès, lors d'une transaction, aux données de contenu chiffré (135) au premier noeud d'utilisateur (109), dans lequel, lors de la fourniture des données de contenu chiffré (135) au premier noeud d'utilisateur (109), le deuxième noeud d'utilisateur (111) transmet les données relatives à une transaction (136), qui sont relatives à la transaction des données de contenu chiffré (135), au deuxième noeud intermédiaire (107).
- Réseau de communication selon l'une des revendications 4 à 8, dans lequel le premier noeud de commande (101), le deuxième noeud de commande (103) et le deuxième noeud intermédiaire (107) sont adaptés pour, lors de la réception de la demande anonyme (143) et/ou lors de la transmission des données de réponse anonyme (145) au premier noeud intermédiaire (105), transmettre une notification d'accès (138) du premier noeud de commande (101) par l'intermédiaire du deuxième noeud de commande (103) et par l'intermédiaire du deuxième noeud intermédiaire (107) au deuxième noeud d'utilisateur (111), dans lequel la notification d'accès (138) indique que le premier noeud d'utilisateur (109) a accédé aux données de contenu (135).
- Premier procédé de communication, comprenant :la fourniture d'un premier noeud de commande (101) comprenant
un module de communication de premier noeud de commande (115) pour former un réseau de communication de premier niveau (113) avec au moins un deuxième noeud de commande (103) ; et
un module de communication de premier noeud intermédiaire (123) pour former un premier réseau de communication de deuxième niveau (121) avec un premier noeud intermédiaire (105) ;la transmission d'une première demande d'utilisateur (141) comprenant des données personnelles d'un premier noeud d'utilisateur (109) au premier noeud intermédiaire (105) ;la réception, par le module de communication de premier noeud intermédiaire (123), d'une demande anonyme (143) en provenance du premier noeud intermédiaire (105), la demande anonyme (143) étant basée sur la première demande d'utilisateur (141) ;la recherche, sur la base de la demande anonyme (143), dans une première mémoire (140) du premier noeud de commande (101), de données de réponse anonyme (145) ;la transmission, par le module de communication de premier noeud de commande (115), par l'intermédiaire du réseau de communication de premier niveau (113), de la demande anonyme (143) au deuxième noeud de commande (103) ;la réception, par l'intermédiaire du réseau de communication de premier niveau (113), des données de réponse anonyme (145), en réponse à la demande anonyme (143) en provenance du deuxième noeud de commande (103) ; etla transmission, par le module de communication de premier noeud intermédiaire (123), des données de réponse anonyme (145), par l'intermédiaire du premier réseau de communication de deuxième niveau (121), au premier noeud intermédiaire (105) pour une transmission de données de réponse (147) qui sont basées sur les données de réponse anonyme (145) au premier noeud d'utilisateur (109) ;dans lequel les données de réponse anonyme (145) sont indicatives de données relatives à un contenu, les données relatives à un contenu comprenant une clé pour un déchiffrement d'un contenu chiffré fourni par un deuxième noeud d'utilisateur (111) au premier noeud d'utilisateur (109). - Deuxième procédé de communication, comprenant :la fourniture d'un deuxième noeud de commande (103) comprenant
un module de communication de deuxième noeud de commande (117) pour former un réseau de communication de premier niveau (113) avec au moins un premier noeud de commande (101) ; et
une deuxième mémoire (139) pour mémoriser des données de noeud de commande ;
un module de communication de deuxième noeud intermédiaire (124) pour former un deuxième réseau de communication de deuxième niveau (129) avec un deuxième noeud intermédiaire (107) ;la réception, au niveau du module de communication de deuxième noeud intermédiaire (124), de données relatives à une transaction anonyme (137) en provenance du deuxième noeud intermédiaire (107), dans lequel les données relatives à une transaction anonyme (137) sont indicatives des données de réponse anonyme (145) ;la mémorisation, dans la deuxième mémoire (139), des données relatives à une transaction anonyme (137) ;la réception, par le module de communication de deuxième noeud de commande (117), par l'intermédiaire du réseau de communication de premier niveau (113), d'une demande anonyme (143) en provenance du premier noeud de commande (101), la demande anonyme (143) étant basée sur une première demande d'utilisateur (141) comprenant des données personnelles ;la récupération, à partir de la deuxième mémoire (139), sur la base de la demande anonyme (143), des données de réponse anonyme (145), en réponse à la demande anonyme (143) ; etla transmission, par le module de communication de deuxième noeud de commande (117), par l'intermédiaire du réseau de communication de premier niveau (113), des données de réponse anonyme (145) au premier noeud de commande (101) ;dans lequel les données de réponse anonyme (145) sont indicatives de données relatives à un contenu, les données relatives à un contenu comprenant une clé pour un déchiffrement d'un contenu chiffré fourni par un deuxième noeud d'utilisateur (111) à un premier noeud d'utilisateur (109). - Elément de programme, en particulier mémorisé sur un support lisible par ordinateur, dans lequel l'élément de programme, lorsqu'il est exécuté par un processeur, est adapté pour commander ou réaliser toutes les étapes de procédé d'un procédé selon la revendication 10 ou 11.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201061428900P | 2010-12-31 | 2010-12-31 |
Publications (3)
Publication Number | Publication Date |
---|---|
EP2472819A1 EP2472819A1 (fr) | 2012-07-04 |
EP2472819A8 EP2472819A8 (fr) | 2012-11-28 |
EP2472819B1 true EP2472819B1 (fr) | 2016-03-23 |
Family
ID=45418425
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP11193877.5A Active EP2472819B1 (fr) | 2010-12-31 | 2011-12-15 | Systèmes et procédés pour fournier et utiliser un réseau de communication sécurisé |
Country Status (8)
Country | Link |
---|---|
US (1) | US9419945B2 (fr) |
EP (1) | EP2472819B1 (fr) |
JP (1) | JP2012150793A (fr) |
KR (1) | KR101960368B1 (fr) |
CN (1) | CN102546615A (fr) |
CA (1) | CA2762485C (fr) |
RU (1) | RU2622401C2 (fr) |
SG (1) | SG182110A1 (fr) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8688827B2 (en) * | 2011-02-10 | 2014-04-01 | Xvd Technology Holdings Limited | Overlay network |
US10075471B2 (en) * | 2012-06-07 | 2018-09-11 | Amazon Technologies, Inc. | Data loss prevention techniques |
KR101479498B1 (ko) * | 2013-02-13 | 2015-01-09 | 아주대학교산학협력단 | 도로 네트워크에서 움직이는 k-최근접 질의를 위한 안전한 모니터링 기법 |
US9608965B2 (en) * | 2014-11-12 | 2017-03-28 | Intel Corporation | Secure network request anonymization |
US10601443B1 (en) * | 2016-08-24 | 2020-03-24 | Arrowhead Center, Inc. | Protocol for lightweight and provable secure communication for constrained devices |
US11409980B2 (en) * | 2018-12-19 | 2022-08-09 | Acoustic Arc International Limited | Audio-effect-activated scent generation method and system |
JP7031084B2 (ja) * | 2020-01-14 | 2022-03-07 | 三菱電機株式会社 | 匿名加工評価システム、匿名加工評価方法および匿名加工評価プログラム |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1752918A1 (fr) * | 2005-07-06 | 2007-02-14 | Nero AG | Serveur de licence et ordinateur d'utilisateur |
US20080005264A1 (en) * | 2006-06-28 | 2008-01-03 | Microsoft Corporation | Anonymous and secure network-based interaction |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6266704B1 (en) * | 1997-05-30 | 2001-07-24 | The United States Of America As Represented By The Secretary Of The Navy | Onion routing network for securely moving data through communication networks |
DE19903822C2 (de) * | 1999-02-02 | 2001-09-20 | Mathias Entenmann | Verfahren zur Durchführung bargeldloser Zahlungen und System zur Durchführung des Verfahrens |
US6961336B2 (en) * | 2001-03-06 | 2005-11-01 | Watchguard Technologies, Inc. | Contacting a computing device outside a local network |
US20020152326A1 (en) | 2001-04-03 | 2002-10-17 | David Orshan | System, method and computer program product for facilitating local internet service providers to deliver guaranteed bandwidth internet service |
US20020165815A1 (en) * | 2001-05-07 | 2002-11-07 | International Business Machines Corporation | Online marketplace with anonymous communication |
US7171493B2 (en) | 2001-12-19 | 2007-01-30 | The Charles Stark Draper Laboratory | Camouflage of network traffic to resist attack |
JP4360883B2 (ja) * | 2003-11-27 | 2009-11-11 | 富士通株式会社 | 情報検索方法、情報検索装置、および情報検索プログラム |
US20060023727A1 (en) * | 2004-07-30 | 2006-02-02 | George David A | Method and apparatus for anonymous data transfers |
US20070124583A1 (en) * | 2005-11-25 | 2007-05-31 | Sony Ericsson Mobile Communications Ab | Method for storing and transfer of rights objects between devices and device exploiting the method |
ES2362743T3 (es) | 2005-12-29 | 2011-07-12 | Regify Ag | Sistema de comunicaciones para el envío de mensajes de correo electrónico. |
US8020195B2 (en) | 2007-03-30 | 2011-09-13 | Citrix Systems, Inc. | Systems and methods for user login |
US20090172171A1 (en) * | 2007-12-31 | 2009-07-02 | Shai Amir | Method and an apparatus for disguising digital content |
GB2467580B (en) | 2009-02-06 | 2013-06-12 | Thales Holdings Uk Plc | System and method for multilevel secure object management |
CN102045314B (zh) * | 2009-10-10 | 2016-08-03 | 中兴通讯股份有限公司 | 匿名通信的方法、注册方法、信息收发方法及系统 |
US20130054965A1 (en) * | 2009-12-23 | 2013-02-28 | Telefonaktiebolaget L M Ericsson (Publ) | Usage Control of Digital Data Exchanged Between Terminals of a Telecommunications Network |
US8930064B2 (en) * | 2011-10-27 | 2015-01-06 | Snap-On Incorporated | Method and system for automated and manual data capture configuration |
-
2011
- 2011-12-15 EP EP11193877.5A patent/EP2472819B1/fr active Active
- 2011-12-16 CA CA2762485A patent/CA2762485C/fr active Active
- 2011-12-16 JP JP2011276159A patent/JP2012150793A/ja active Pending
- 2011-12-19 SG SG2011094273A patent/SG182110A1/en unknown
- 2011-12-21 RU RU2011152235A patent/RU2622401C2/ru active
- 2011-12-21 KR KR1020110139496A patent/KR101960368B1/ko active IP Right Grant
- 2011-12-22 US US13/334,079 patent/US9419945B2/en active Active
- 2011-12-22 CN CN2011104484325A patent/CN102546615A/zh active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1752918A1 (fr) * | 2005-07-06 | 2007-02-14 | Nero AG | Serveur de licence et ordinateur d'utilisateur |
US20080005264A1 (en) * | 2006-06-28 | 2008-01-03 | Microsoft Corporation | Anonymous and secure network-based interaction |
Also Published As
Publication number | Publication date |
---|---|
JP2012150793A (ja) | 2012-08-09 |
CN102546615A (zh) | 2012-07-04 |
RU2622401C2 (ru) | 2017-06-15 |
KR101960368B1 (ko) | 2019-03-20 |
SG182110A1 (en) | 2012-07-30 |
US9419945B2 (en) | 2016-08-16 |
KR20120078603A (ko) | 2012-07-10 |
CA2762485C (fr) | 2019-04-30 |
EP2472819A1 (fr) | 2012-07-04 |
RU2011152235A (ru) | 2013-06-27 |
CA2762485A1 (fr) | 2012-06-30 |
US20120173664A1 (en) | 2012-07-05 |
EP2472819A8 (fr) | 2012-11-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2377263B1 (fr) | Schéma de distribution de clés pour réseaux informationnels | |
US20220086154A1 (en) | Personal identity system | |
EP2472819B1 (fr) | Systèmes et procédés pour fournier et utiliser un réseau de communication sécurisé | |
US8683040B2 (en) | Intermediary node with distribution capability and communication network with federated metering capability | |
AU2020202168B2 (en) | Method and system related to authentication of users for accessing data networks | |
CN101350717B (zh) | 一种通过即时通信软件登录第三方服务器的方法及系统 | |
EP3345372B1 (fr) | Gestion de clé sécurisée et système de transmission poste à poste avec une structure de clé cryptographique à double niveau commandée et procédé correspondant | |
US20110078437A1 (en) | Simplifying addition of web servers when authentication server requires registration | |
KR20070108365A (ko) | 사용자가 가입자 단말에서 단말 장치에 원격으로 접속할 수있게 하기 위한 원격 접속 시스템 및 방법 | |
JP2003248659A (ja) | コンテンツへのアクセス制御のための方法とコンテンツへのアクセス制御のためのシステム | |
US12088590B2 (en) | Secure keyboard resource limiting access of user input to destination resource requesting the user input | |
CN102318376A (zh) | 用于实现隐私控制的方法和系统 | |
CN114697065A (zh) | 安全认证方法和安全认证装置 | |
GB2413744A (en) | Limiting access to personal (e.g. location) information of a service user by a service provider | |
JP2015515700A (ja) | クライアントシステムを認証するための方法およびコンピュータ通信システム | |
Ziółkowski et al. | A cryptographic mobile agent implementing secure personal content delivery protocol |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20121221 |
|
17Q | First examination report despatched |
Effective date: 20131112 |
|
17Q | First examination report despatched |
Effective date: 20131128 |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: H04L 29/06 20060101AFI20150806BHEP Ipc: H04L 12/58 20060101ALI20150806BHEP Ipc: G06Q 30/06 20120101ALI20150806BHEP Ipc: H04L 12/46 20060101ALI20150806BHEP Ipc: G06Q 30/04 20120101ALI20150806BHEP |
|
INTG | Intention to grant announced |
Effective date: 20150907 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
REG | Reference to a national code |
Ref country code: AT Ref legal event code: REF Ref document number: 784133 Country of ref document: AT Kind code of ref document: T Effective date: 20160415 |
|
REG | Reference to a national code |
Ref country code: IE Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R096 Ref document number: 602011024266 Country of ref document: DE |
|
REG | Reference to a national code |
Ref country code: LT Ref legal event code: MG4D |
|
REG | Reference to a national code |
Ref country code: NL Ref legal event code: MP Effective date: 20160323 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: GR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160624 Ref country code: NO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160623 Ref country code: HR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
REG | Reference to a national code |
Ref country code: AT Ref legal event code: MK05 Ref document number: 784133 Country of ref document: AT Kind code of ref document: T Effective date: 20160323 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: NL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: RS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: LV Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: LT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: SE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160723 Ref country code: EE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: PL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: CZ Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: AT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: SM Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: SK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: RO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: PT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160725 Ref country code: ES Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: BE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: IT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R097 Ref document number: 602011024266 Country of ref document: DE |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: DK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: BG Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160623 |
|
26N | No opposition filed |
Effective date: 20170102 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: SI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 6 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: MC Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 7 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: CY Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: HU Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO Effective date: 20111215 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: TR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 Ref country code: MK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: MT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20161215 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: AL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20160323 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R079 Ref document number: 602011024266 Country of ref document: DE Free format text: PREVIOUS MAIN CLASS: H04L0029060000 Ipc: H04L0065000000 |
|
P01 | Opt-out of the competence of the unified patent court (upc) registered |
Effective date: 20230522 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: GB Payment date: 20231206 Year of fee payment: 13 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: LU Payment date: 20231213 Year of fee payment: 13 Ref country code: IE Payment date: 20231218 Year of fee payment: 13 Ref country code: FR Payment date: 20231221 Year of fee payment: 13 Ref country code: DE Payment date: 20231213 Year of fee payment: 13 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: CH Payment date: 20240102 Year of fee payment: 13 |